At Visa, we are committed to connecting and protecting the digital payments system and its users through a multi-layered approach.
For annual programmatic and progress updates, please see our ESG Resources page for our latest ESG Report.
At Visa, we are committed to connecting and protecting the digital payments system and its users through a multi-layered approach.
For annual programmatic and progress updates, please see our ESG Resources page for our latest ESG Report.
We invest in innovation to build and maintain trust across our network and the broader payments ecosystem. We continue to evolve our security capabilities and work to lower our global fraud rate.
The Visa Intelligent Security approach offers our ecosystem partners dynamic, data-rich solutions that help balance fraud reduction, dispute prevention, and increased approvals so that businesses can thrive while customers are protected and satisfied – however they purchase, wherever they are. The Intelligent Security framework spans the entire transaction lifecycle:
Visa prevented nearly $26 billion in fraud in 2021 by using artificial intelligence to analyze global transaction data.
We champion cybersecurity within our operations in parallel with helping advance the security of the broader payments ecosystem. Our Cybersecurity team, headed by the Chief information Security Officer develops our Cybersecurity strategy with the President, Technology and operates to detect, prevent and respond to threats in real-time. The comprehensive strategy provides the vision and path to achievement on how our cybersecurity program will protect Visa from data breaches and maintain trust in the payments ecosystem.
At Visa, we continue to build our cybersecurity strategy on a layered defense-in-depth approach. We further advance our capabilities based on our core areas of focus, including enhancing our architecture, expanding our data security program to include unstructured data, and conducting continuous security and efficacy efforts.
We leverage the following components to enact our cybersecurity strategy across the business:
Our cybersecurity approach is supported by robust governance processes, which involve regular reporting to the management- and Board-level committees responsible for risk management and oversight of cybersecurity. Our President, Technology provides regular updates to the Board on technology and cybersecurity, including an annual in-depth review.
Over the past several years, Gartner Consulting assessed Visa’s security posture and assigned Visa its highest rating among peer companies for the overall maturity of our cybersecurity program.
We believe that building trust begins with a commitment to privacy and security. We are committed to using the data entrusted to us to benefit consumers and help businesses and economies grow.
Central to our approach to privacy is understanding the types of data we collect and process, for example, during a typical purchase transaction. When a consumer makes a purchase, Visa receives an account number, expiration date, security code and transaction data, such as merchant type, amount and date. We primarily use this card transaction data to facilitate purchases and protect consumers against fraud and identity theft.
We believe consumers expect convenience, security and privacy from their payment experiences. To meet these expectations, Visa upholds the following commitments:
Our Global Privacy Office, composed of twenty-five professionals around the world, is led by Visa’s Chief Privacy Officer and closely coordinates with several cross-functional governance bodies. The Corporate Risk Committee and the Visa Board’s Audit and Risk Committee oversee the Global Privacy Program and the risks related to data privacy, including our compliance with current and emerging data protection laws around the world.
Ongoing Privacy Office activities include:
Visa uses data in various ways: to enable digital commerce across our network, to keep VisaNet safe and secure from cyber threats, and to protect consumers from fraud. We harness data to improve the security and value of the Visa network, better serve our clients and partners, and drive positive impact for communities and economies around the globe.
We recognize that consumers are concerned about their data, how it’s being collected and used, and whether it’s secure. Visa’s privacy commitments are reflected in our Privacy Notices and, where we market services directly to consumers, in the terms and conditions of those programs. Our unwavering commitment to data security is reflected in everything we do, from our technology and cyber defenses, to our Zero Liability promise to cardholders.
We understand that people want more information on the ways in which companies use data. To that end, we developed the following Data Values to capture, in plain language, the principles we believe should apply when companies engage with consumer data. We will use these values as a touchstone to inform Visa’s role as a leader in the payments ecosystem and when we engage in our own marketing or other programs directly with consumers. We hope these Values can serve as a “north star” to drive trust and security by bringing a “consumer first” posture to data use and privacy.
Security: Individuals and businesses should have confidence that Visa payment data is safe. There is no higher priority for Visa than safeguarding those who use our products, services and network.
Control: Visa will always strive to provide simple explanations regarding how data may be used and to empower individuals with easy processes to manage use of their data.
Value: Data use at Visa should benefit individuals, businesses and economies. We strive to do this by delivering greater security, financial inclusion and consumer convenience.
Fairness: Visa’s application of data and data-driven insights aims to be fair, inclusive and avoid discrimination. Visa will strive to make our models explainable, accurate and safe.
Accountability: Visa’s approach to data use should be consistently applied at all levels of the organization and be embedded through process, training, and management responsibilities.
These principles may evolve over time based on the needs of consumers, businesses and economies, and to adapt to new privacy regulations and standards that take shape. As Visa’s business moves into new technologies, payment flows, and value-added services, we are committed to engaging with policy-makers and regulators worldwide to participate in the development and harmonization of privacy regulations and standards.
Visa is committed to ensuring the integrity of our payment system and to maintain and enhance trust in the Visa brand as the most secure way to pay. We do not tolerate the use of our networks and products for illegal activity, and we are vigilant in our efforts to deter illegal transaction activity on our network.
Visa’s Global Brand Protection Program manages situations where the Visa brand is associated with potentially illegal or brand-damaging activities, such as illegal internet gambling, illicit pharmaceutical sales, child abuse images and abuse of intellectual property rights.
As part of this program, Visa conducts the following initiatives: